# ElizaOS Developer Update (2026-04-26 → 2026-05-01)

This week continued the V1→V2 stabilization work (deps, runtime modularity, self-hosting hardening) while leadership also shared a clearer picture of the forthcoming **ElizaOS v3** direction: a *full application runtime* capable of building/editing/executing apps dynamically across devices and social surfaces, monetized via Eliza Cloud.

---

## 1) Core Framework

### Runtime modularity: decoupling agent server from “apps”
Work across the framework is converging on a cleaner separation between:
- **Agent runtime/server** (core execution, event routing, tool orchestration)
- **Apps** (UI shells, deployments, device targets)

This is a prerequisite for v3’s “runtime applications” concept and also reduces coupling for plugin authors.

**Refs**
- Decouple agent server from specific applications: https://github.com/elizaos/eliza/pull/7204

### Event routing and trigger wiring improvements
Platform events are being standardized and correctly wired into the runtime trigger system, improving determinism for automations and social adapters.

**Refs**
- Wire event-kind triggers to runtime (Discord/Telegram event routing called out in weekly): https://github.com/elizaos/eliza/pull/7116

### Android execution path (native foreground service)
Agents can now run natively on Android via a foreground service, expanding the “agents anywhere” target surface.

**Refs**
- Android foreground service support: https://github.com/elizaos/eliza/pull/7172

### x402 paid routes groundwork (paid plugin routes)
The framework is continuing to harden paid-route support via **x402**, enabling paid access to plugin endpoints (and aligning with the Discord note that **$ELIZA** is being used as a default payment method for some elizaOS/Milady services).

**Refs**
- x402 paid plugin routes + hardened test harness: https://github.com/elizaos/eliza/pull/7100  
- Discord context on $ELIZA default payment method in x402 (discussion summary): https://discord.com/channels/1253563208833433701/1253563209462448241

---

## 2) New Features

### Self-hosted deployment hardening: CORS + Bearer auth + cross-platform build fixes
Self-hosted deployments were improved with:
- **CORS support** (to safely expose endpoints to browser-based clients)
- **Bearer authentication** (to gate access without requiring heavier auth infra)
- **Cross-platform build fixes** (to reduce Windows/macOS/Linux divergence)

While the exact configuration surface varies by deployment, the intended pattern is:

```ts
// Example pattern: protect self-hosted endpoints + allow controlled browser access
import { Hono } from "hono";
import { cors } from "hono/cors";
import { bearerAuth } from "hono/bearer-auth";

const app = new Hono();

app.use(
  "/api/*",
  cors({
    origin: ["https://your-console.example", "http://localhost:5173"],
    allowHeaders: ["Authorization", "Content-Type"],
    credentials: true,
  })
);

app.use("/api/*", bearerAuth({ token: process.env.ELIZA_BEARER_TOKEN! }));

app.get("/api/health", (c) => c.json({ ok: true }));
export default app;
```

**Why this matters**
- Enables safer local dashboards, admin consoles, and embedded clients.
- Makes “bring your own hosting” practical for teams that can’t rely on managed cloud.

**Refs**
- Daily technical summary (AI SDK + infra improvements): https://elizaos.github.io/api/summaries/overall/day/2026-04-30.json

### Multi-chain A2A payment functionality (ecosystem expansion)
Registry updates added multi-chain payment capabilities, enabling agent-to-agent and agent-to-service payments across multiple networks.

**Refs**
- Registry multi-chain payments: https://github.com/elizaos-plugins/registry/pull/352

### Cloud monetization plumbing: org credit debiting
Eliza Cloud work continued on billing/credits, including changes aimed at debiting organization credit balances (pay-as-you-go hosting direction).

**Refs**
- Org credit debiting PRs: https://github.com/elizaos/cloud/pull/473, https://github.com/elizaos/cloud/pull/474  
- Broader cloud architecture migration (Vite + Hono Workers): https://github.com/elizaos/cloud/pull/484

---

## 3) Bug Fixes (critical / high-impact)

### Planner robustness: malformed XML actions no longer break planning
A critical bugfix ensures the planner handles malformed XML actions correctly—important for tool-using agents where structured outputs are not always well-formed.

**Impact**
- Fewer “hard stops” in long-running autonomous sessions.
- Better recovery when a model emits partial/invalid structured tool calls.

**Refs**
- Fix malformed XML actions in planner: https://github.com/elizaos/eliza/pull/7099

### Telegram performance improvements (read receipts + cleanup)
Telegram plugin changes reduced overhead in read-receipt handling and removed legacy shims, improving runtime efficiency and maintainability.

**Refs**
- Telegram read-receipt optimization: https://github.com/elizaos-plugins/plugin-telegram/issues/7009  
- Telegram legacy cleanup/import shims: https://github.com/elizaos-plugins/plugin-telegram/issues/7202

### LifeOps persistence + asset path issues (stability)
Fixes were opened to address schedule persistence issues and asset path correctness—important for agents that maintain long-lived operational routines.

**Refs**
- LifeOps schedule persistence + asset path fixes: https://github.com/elizaos/eliza/pull/7132

---

## 4) API Changes (developer-facing)

### Provider stack version bumps (compatibility + behavior drift)
Several core AI SDK dependencies were updated to maintain compatibility and performance:

- `anthropic` SDK → **0.92.0**
- `ai` dependency → **6.0.172**
- `provider-utils` → **4.0.25**
- `provider` → **3.0.10**
- `openai` provider → **3.0.55**

**Developer notes**
- Expect minor behavioral differences in streaming/tool-call handling and error surfaces after provider bumps.
- If you pin provider versions in downstream apps, plan a coordinated upgrade to avoid mismatched peer deps.

**Refs**
- Daily technical summary: https://elizaos.github.io/api/summaries/overall/day/2026-04-30.json

### Plugin lifecycle direction (ongoing)
The broader “plugin-lifecycle” decoupling work implies plugins should rely less on app-specific globals and more on runtime-provided interfaces/hooks.

**Refs**
- Runtime decoupling: https://github.com/elizaos/eliza/pull/7204  
- Weekly coordination notes (cross-repo decoupling call-out): https://github.com/elizaos/elizaos.github.io/pull/247

---

## 5) Social Media Integrations

### Telegram
- Performance/maintenance improvements (see Bug Fixes section)
- Continued alignment with standardized event routing (paired with core trigger wiring)

**Refs**
- https://github.com/elizaos-plugins/plugin-telegram/issues/7009  
- https://github.com/elizaos-plugins/plugin-telegram/issues/7202  
- https://github.com/elizaos/eliza/pull/7116

### Discord
Discord itself wasn’t updated as a standalone plugin this week in the provided activity, but the **event-kind trigger wiring** improves Discord event handling consistency when using the shared routing layer.

**Refs**
- https://github.com/elizaos/eliza/pull/7116

### Twitter / Farcaster
No concrete plugin PRs/issues surfaced in this week’s aggregated activity.

---

## 6) Model Provider Updates

### Anthropic + OpenAI provider maintenance
Dependency updates landed (or were reported in the daily rollup) to keep ElizaOS compatible with evolving upstream APIs.

**Refs**
- Daily technical summary: https://elizaos.github.io/api/summaries/overall/day/2026-04-30.json

### Security tooling note (external): Claude Security beta
Discord discussions referenced **Claude Security** entering public beta for Claude Enterprise customers (codebase vulnerability scanning + patch suggestions). This is *not yet an ElizaOS integration*, but it’s relevant for teams building secure agent-operated code workflows (especially with “task issuance to Codex/Claude” as a v3 goal).

**Refs**
- Discord daily summary thread: https://discord.com/channels/1253563208833433701/1253563209462448241

---

## 7) Breaking Changes / Migration Warnings (V1 → V2 and toward V3)

### ⚠️ Ecosystem-wide dependency modernization (TS/Node/Bun)
The project has been upgrading TypeScript/Node/Bun across repositories. If you maintain plugins or forked runtimes:
- Revalidate build pipelines and `tsconfig` assumptions.
- Watch for ESM/CJS boundary issues and stricter TS checks.

**Refs**
- TS/Node/Bun upgrades (framework + docs coordination): https://github.com/elizaos/eliza/pull/7151, https://github.com/elizaos/elizaos.github.io/pull/247  
- Dependency dashboard coordination: https://github.com/elizaos/elizaos.github.io/issues/79

### ⚠️ Runtime decoupling can break app-coupled plugins
If your plugin imports from app packages or assumes specific server wiring, start migrating toward runtime-injected capabilities. The direction is clear: plugins should be portable across device targets and “apps”.

**Refs**
- https://github.com/elizaos/eliza/pull/7204

### ⚠️ Provider bumps can change tool-call and streaming semantics
If you rely on strict parsing of provider outputs (tool calling, structured formats), re-run regression suites after:
- `anthropic` SDK upgrades
- `openai` provider upgrades
- `ai` core dependency upgrades

**Refs**
- https://elizaos.github.io/api/summaries/overall/day/2026-04-30.json

---

### Additional context from Discord (v3 direction)
Shaw outlined v3 as:
- a **full application runtime** across devices/platforms
- integration with social surfaces (including **iMessage**)
- ability to issue tasks to tools like **Codex** and **Claude**
- workflows + dynamic runtime app creation/edit/execute
- monetization via **Eliza Cloud**
- ongoing focus areas raised by new devs: local LLM data storage, agent key security, and red-team swarm testing

**Refs**
- Discord discussion summary: https://discord.com/channels/1253563208833433701/1253563209462448241